Total Pageviews

Nov 12, 2010

Facebook has systems to detect the rare cases when an account is taken over and used to send spam. When this happens, we shut off access to the account. The next time you visit Facebook, we ask you to complete a few steps to re-secure the account.

If you can’t reset your password because the email address you use to log in has changed, or if your account has been disabled, visit our help page.

Make sure you have up-to-date security software on your computer, run a scan, and remove any malicious files. If you don’t do this, and your computer is infected, your account may be taken over again. If you don’t yet have protection for your computer, you can download a complimentary six-month subscription of McAfee security software. Learn more on the Software tab.

If a friend’s account has been taken over and used to send spam, you should follow these steps immediately:

Tell your friend to check out this Page and follow the steps above.

Warn those who received the spam not to click on it, and to delete it from their Walls and Inboxes.

When we talk about security, we're talking about scams, viruses, and hacks that could infect your computer or take over your Facebook account and result in a lot of annoyance for you and your friends.

Security isn't just an issue on Facebook, but all over the web, which is why it's important to be aware online, and to learn how to protect your accounts and your computer.

Here are some ways to be smart and aware on Facebook and across the Internet:

Don’t click on links or open attachments in suspicious emails. If the email looks weird, don’t trust it, and delete it from your inbox immediately.

Be wary of where you enter your password. Just because a page on the Internet looks like Facebook or another site you use, it doesn’t mean that it is. Check the address bar in your browser, and learn to tell the difference between a good URL and a bad one. If you ever have doubts about the legitimacy of a link, simply type the website’s URL (for example, http://www.facebook.com) into the address bar.

Be suspicious of any email or message that contains an urgent request or asks you to update your information or provide new information.

Be suspicious of emails or messages that contain misspellings or use bad grammar, especially if they’re from someone who is usually a good writer.

Make sure you have an up-to-date web browser equipped with an anti-phishing blacklist. Some examples are Internet Explorer 8.0 and Firefox 3.0.10.

Make sure you have up-to-date comprehensive security software on your computer that includes anti-virus, anti-spyware, anti-phishing, and a firewall.

Make sure you've set your operating system to update automatically.

Make sure you’ve listed a security question and answer for your online accounts. This will come in handy if you ever lose access and need to prove who you are. You can do this on Facebook from the Account Settings page. You should also add a mobile phone number from this page, which will help if we ever need to send you a text message to confirm your identity.

Don’t share your passwords with anyone. Don’t do it. Most reputable online services will never ask for your password through any form of communication.

Use different passwords for your various online accounts. If you use the same password everywhere, and it’s stolen, you could lose access to all of your accounts at once.

Use a complex password that can’t be easily guessed. Avoid common words, and make sure your password is at least eight characters long and includes capital and lower case letters, numbers, and symbols.

Remember that you choose what you share and with whom you share it. Think before you post, especially if the information is sensitive or personal in nature. You can learn more about how to control your information on Facebook, including how to choose an audience for each and every post you make, in our Privacy Guide.

Use caution when accessing or sending information over an unsecured public wireless network. Unless you can verify that a Wi-Fi network is secure, you may want to avoid transmitting sensitive information.